An Unprofitable Identity Theft

Not long ago, my wife and I returned home from a trip to discover eight identical envelopes from the U.S. Treasury waiting for us.

Each envelope contained a single Series I savings bond. These bonds are only issued in paper form when requested on Form 8888 as part of a tax refund. The bonds were made out to my wife or myself, and contained part of my wife’s Social Security number.

However, neither she nor I had requested any such bonds. We have never filed Form 8888. In fact, we hadn’t even filed our 2014 tax return.

My first thought was that perhaps one of my wife’s relatives wanted to give her a gift in this form. But I quickly exhausted the list of candidates who might have been so inclined and who would have had access to her Social Security number.

The next day, a letter arrived from the Internal Revenue Service, informing us that they had adjusted our refund. In addition to the $1,000 worth of savings bonds, the Service would be depositing $10,049 into the three accounts we specified on Form 8888. It was now clear that we, like hundreds of thousands of others, had been the victims of identity theft targeted at Uncle Sam.

But this may have been one of history’s most spectacularly botched identity thefts. After all, thieves don’t usually send part of the stolen goods to the person whose identity they have co-opted.

Unfortunately for the government, most fraudsters are more competent than those my wife and I faced. In recent testimony before the Senate Budget Committee, IRS Commissioner John Koskinen said that the problem of illegal refunds “exploded” between 2010 and 2012, and “for a time overwhelmed law enforcement and the IRS.” J. Russell George, the treasury inspector general for tax administration, testified at the same hearing that the IRS estimates that thieves successfully siphoned more than $5 billion in fraudulent tax refunds in the filing season for 2013 alone.

But while the more competent thieves made off with their gains, I was left with the problem of what to do with the savings bonds I had been sent, which I didn’t want and couldn’t even cash for a period of one year. So I called the IRS.

After 30 minutes on hold and an hour on the line - not bad, for this sort of call - the agent with whom I spoke arrived at a suggestion. Rather than file an affidavit of identity theft with our 2014 return, which is the standard procedure in such situations, I was instructed to file the affidavit ahead of time and to send the savings bonds along with it. I said I would follow his advice.

But that afternoon, another letter from the IRS arrived. It said that at least one of the institutions we had specified to receive our refund had rejected it, so we would receive a paper check for the balance. That check duly appeared the next week in the amount of $10,049. For those of you keeping score, that means the entire fraudulent refund had been sent to my wife and me, not the fraudsters.

In the criminal manual, this isn’t the way it is supposed to go.

So I enclosed the check, along with the savings bonds and my identity theft affidavit, and dropped the package in the mail to the IRS. That was, more or less, that. Well, almost: Our 2014 return must now be filed on paper, and the IRS will send us a PIN to be used on our future electronic filings, just as it will for the approximately 1.5 million taxpayers identified as past victims of identity theft. (Presumably at least some of the fraudsters responsible had better luck than mine did.)

On the whole, I got off lightly. Koskinen noted that most taxpayers who are the victims of identity theft in 2015 can expect their situation to be resolved in 120 days or less - down from over 300 days in previous years.

As I have written before, one of the root causes of this fast-growing problem is the IRS’ insistence on sending tax refunds to parties other than the actual taxpayer. Banks verify the identities of their account holders; if the IRS would simply refuse to issue refunds except via checks payable to the taxpayer or to an account in the taxpayer’s name, most of the profit would be taken out of the tax refund fraud game, just as it was thanks to my fraudsters’ clumsiness.

The IRS does seem to be making tentative moves in this direction. George described a “clustering filter” that the IRS uses to identify multiple tax refunds issued to the same address or bank account as an anti-fraud measure. And, starting in 2015, the Service implemented a restriction limiting the number of refunds deposited to a single bank account to three per season. But tax officials have stopped short of requiring a direct name match between taxpayer and account holder.

That’s because this seemingly direct solution is tied up in the real problem that a lot of Americans, particularly those who are poor and simultaneously reliable voters for Democratic politicians, lack bank accounts. Many of these voters also receive refunds even when they have little income, because of the earned income credit and other reverse tax payments. So to make their lives easier - and also to accommodate the “refund anticipation loan” industry, whose very existence depends on redirected tax refunds - the government is also making things easier and more profitable for fraudsters. It would be more sensible for the government to find some designated banks willing to cash refund checks for a reasonable preset fee, paid by either the government or the taxpayer.

But for now, the IRS will continue to present a tempting prize for identify thieves. Unfortunately for Uncle Sam, most of them know better than to mistakenly send their prizes to the taxpayers they are impersonating.

The views expressed in this post are solely those of the author.
We welcome additional perspectives in our comments section as long as they are on topic,
civil in tone and signed with the writer's full name. All comments will be reviewed by our
moderator prior to publication.